🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional43 / 124
Question 43 of 124

A cloud security architect is reviewing the virtual network design for a new multi-tier IaaS application. During threat modeling, the team identifies that a compromised tenant VM on a shared virtual subnet could potentially advertise a false gateway address to redirect and intercept traffic from neighboring VMs on the same broadcast domain. Which control most directly mitigates this specific Layer 2 threat within the cloud provider's virtual network?

Reviewed for accuracy · Report an issueNext question